Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/A_CWYxoIWwfOBljlmxxCiaeZ3KU.roa
File: A_CWYxoIWwfOBljlmxxCiaeZ3KU.roa (raw, json)
Hash identifier: YNkY774sbdjFs6CsnsThtRaEgvLbm3/RNrsNAWtHT1M=
Subject key identifier: 03:F0:96:63:1A:08:5B:07:CE:06:58:E5:9B:1C:42:89:A7:99:DC:A5
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 0189D6D966F974C1F2A143E8A0EA1AC4982C
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/A_CWYxoIWwfOBljlmxxCiaeZ3KU.roa
Signing time: Tue 08 Aug 2023 20:31:59 +0000
ROA not before: Tue 08 Aug 2023 20:31:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398373
IP address blocks: 85.153.12.0/22 maxlen: 22
85.153.24.0/22 maxlen: 22
85.153.29.0/24 maxlen: 24
85.153.32.0/24 maxlen: 24
85.153.34.0/24 maxlen: 24
85.153.35.0/24 maxlen: 24
85.153.36.0/22 maxlen: 22
85.153.40.0/24 maxlen: 24
85.153.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Aug 2023 20:46:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d6:d9:66:f9:74:c1:f2:a1:43:e8:a0:ea:1a:c4:98:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Aug 8 20:31:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03f096631a085b07ce0658e59b1c4289a799dca5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:16:fd:a3:7d:76:33:11:a3:24:89:35:b1:7b:
8a:74:98:23:3d:29:8d:71:75:05:38:69:91:96:bb:
55:4e:52:bc:1d:f4:6d:a7:6f:42:41:5b:ba:8d:1c:
c1:20:0c:85:13:7d:7b:92:c4:e6:a2:4e:4d:1e:dc:
a1:43:3b:18:87:08:37:23:3d:2e:89:7a:23:24:27:
84:95:cf:55:86:81:5a:65:e9:ab:30:04:69:68:0d:
1a:14:88:f2:22:5b:a4:3d:35:01:09:e5:24:85:81:
9c:fa:a4:65:60:ca:19:5f:dc:8d:87:c0:f0:eb:39:
8e:87:a8:6d:91:f7:d2:05:eb:36:24:2b:8f:83:ea:
62:bb:52:1f:f9:11:32:4d:1b:5f:40:80:70:1e:49:
96:a2:05:6d:b8:3e:c2:a0:98:23:33:4f:20:cb:dd:
d7:bc:fb:85:5d:13:d4:cb:49:25:03:d1:7c:de:55:
b3:e4:e1:8b:66:e2:ed:25:ac:0a:e1:7a:22:78:1a:
7e:da:83:52:b2:c4:6c:5d:0a:f8:f0:7f:33:9a:1e:
b0:87:46:b9:72:f1:4a:80:1b:cf:b7:19:81:c7:38:
2d:30:ad:ae:26:01:55:7e:7b:12:00:e4:8f:f7:c1:
cf:a5:9e:6f:87:63:5e:8c:60:0b:8c:45:12:88:d3:
30:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F0:96:63:1A:08:5B:07:CE:06:58:E5:9B:1C:42:89:A7:99:DC:A5
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/A_CWYxoIWwfOBljlmxxCiaeZ3KU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.4.0/24
85.153.12.0/22
85.153.24.0/22
85.153.29.0/24
85.153.32.0/24
85.153.34.0-85.153.40.255
Signature Algorithm: sha256WithRSAEncryption
83:b3:3c:a7:e8:1f:fb:ce:c9:d9:11:b7:6e:f2:fe:5b:b3:b1:
69:ba:bb:09:82:f0:7c:0e:9c:63:47:dd:8a:a7:8d:61:9a:32:
b3:8f:9b:38:22:4d:6a:f6:a3:dc:5d:fb:ac:65:ea:e3:e3:89:
11:86:14:53:70:ce:71:2c:ef:88:89:dc:a7:0b:e3:b4:75:86:
c2:86:7b:1f:e7:da:e5:f8:39:4b:09:2f:1b:42:b5:f6:0c:df:
ec:b4:cc:e0:6e:7c:fd:bd:67:a0:fe:b8:8e:e2:bf:42:97:e2:
72:0f:b2:b6:d4:7e:79:1a:03:dd:6f:af:63:d6:9b:5b:a8:36:
4d:46:46:de:5b:3a:66:36:97:8c:70:4a:b3:19:89:5c:96:25:
12:de:70:94:28:a2:c8:88:b1:ff:a1:d9:8e:66:db:d0:10:c5:
e0:19:eb:c4:5c:0a:69:94:68:08:2e:dd:9f:c9:51:8a:62:29:
0c:aa:1f:75:5f:de:bf:1f:0a:16:a6:83:05:74:4e:70:ac:84:
2c:51:e7:b5:95:bb:4b:d8:57:24:c3:4f:63:15:e0:52:af:e2:
35:9b:c8:55:5a:b9:78:69:4a:a5:ce:a5:ec:08:16:22:db:e4:
2d:23:fb:bb:40:7e:0d:cb:a2:13:50:35:06:18:e5:00:c0:43:
11:88:fc:43
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYnW2Wb5dMHyoUPooOoaxJgsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjMwODA4MjAzMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2YwOTY2MzFhMDg1YjA3Y2UwNjU4ZTU5YjFjNDI4OWE3OTlkY2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxb9o312MxGjJIk1sXuKdJgjPSmN
cXUFOGmRlrtVTlK8HfRtp29CQVu6jRzBIAyFE317ksTmok5NHtyhQzsYhwg3Iz0u
iXojJCeElc9VhoFaZemrMARpaA0aFIjyIlukPTUBCeUkhYGc+qRlYMoZX9yNh8Dw
6zmOh6htkffSBes2JCuPg+piu1If+REyTRtfQIBwHkmWogVtuD7CoJgjM08gy93X
vPuFXRPUy0klA9F83lWz5OGLZuLtJawK4XoieBp+2oNSssRsXQr48H8zmh6wh0a5
cvFKgBvPtxmBxzgtMK2uJgFVfnsSAOSP98HPpZ5vh2NejGALjEUSiNMwDwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAPwlmMaCFsHzgZY5ZscQomnmdylMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvQV9DV1l4b0lXd2ZPQmxqbG14eENpYWVaM0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAVZkEAwQC
VZkMAwQCVZkYAwQAVZkdAwQAVZkgMAwDBAFVmSIDBABVmSgwDQYJKoZIhvcNAQEL
BQADggEBAIOzPKfoH/vOydkRt27y/luzsWm6uwmC8HwOnGNH3YqnjWGaMrOPmzgi
TWr2o9xd+6xl6uPjiRGGFFNwznEs74iJ3KcL47R1hsKGex/n2uX4OUsJLxtCtfYM
3+y0zOBufP29Z6D+uI7iv0KX4nIPsrbUfnkaA91vr2PWm1uoNk1GRt5bOmY2l4xw
SrMZiVyWJRLecJQoosiIsf+h2Y5m29AQxeAZ68RcCmmUaAgu3Z/JUYpiKQyqH3Vf
3r8fChamgwV0TnCshCxR57WVu0vYVyTDT2MV4FKv4jWbyFVauXhpSqXOpewIFiLb
5C0j+7tAfg3LohNQNQYY5QDAQxGI/EM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:40 2024 by rpki-client on console-ams.rpki-client.org